Matt Kulis ⚡️

🕉️

@w_s_bitcoin llama.ccp Huggingface qwen model locally hosted You can def decrease your token usage and go to a cheaper plan 2 save sats

Is it worth spending 200k sats a month to keep building new dashboards for my site? Here's the latest one I just added. Unit of Account dashboard that lets you compare any two currencies and even animate the historical exchange rate.

@horizon_trade_x Hi I see the vision & I’d like to help work on this dm

Charts break. The Horizon doesn't

@hosseeb Minus the part where they can freeze your shit @ any time

Stablecoins are actually super cypherpunk. CT has broken your brain on this. The idea that anyone at any time, with just a mobile phone, can hold and send dollars instaneously to anyone in the world, no KYC, no nothing--that was literally the cypherpunk dream.

@HashrateUp @simpleminingio But hashrate go up difficulty rate go up btc mined go down.

@simpleminingio 31m ROI in #BTC terms and if BTC Price goes up power gets cheaper. Few.

You could buy one Antminer S21 Pro for around $2,300 and host it at $0.07/kWh. Monthly power cost: roughly $177. Bitcoin produced per month at today's network difficulty: about 0.0032. At $78,000 per coin, that's around $250 of Bitcoin for $177 of electricity. Even if Bitcoin chops sideways at current prices, you still hold the hardware and accumulate every month. Sounds simple. Almost too simple.

Every Bitcoin bear market

there are some technical nuances worth mentioning, but they're well worth the tradeoffs IMO. biggest win: regulatory. you can't access the bitcoin, so you're not a custodian. this would be massive. inflation: ecash mint can't print more than it receives in btc. this is what hal finney did with his rPoW back in the day, but it wasn't tied to an existing currency. reproducible builds: the mint is reproducible meaning that anyone can verify whether the version running in the enclave is malicious or not. the operator could potentially run malicious code but transparent logs would prove that the operator acted maliciously. denial of service: this the biggest practical risk. the mint operator could simply turn it off and stop processing payments. since they can't rug the bitcoin, it doesn't really benefit the operator. if the operator used a funding source that expires, like ark, they would even risk losing their bitcoin which would disincentivize this behavior. just to be clear: this does not reduce the risk to zero, but it does get rid of the biggest regulatory concerns which means that public organizations that can be held accountable have a realistic path for running mints without becoming custodians. it's not a pipe dream, feasibility has been demonstrated internally. this is coming. it's a win win win for bitcoin and bitcoiners.

@aaronlage @MilkRoad If you take average between rfr & s&p .04 & .10 ~.07 you end up @ 837T in 30yrs

For context, what do you think the global GDP will be in 20-30yrs? Why would you compare an asset market cap in 2056 to 2026 GDP? It's basically an irrelevant metric. Even conservative estimates would be nearly $600 trillion by then and having an asset class worth $210 trillion isn't so far fetched. This doesn't even consider the probability of hyperinflation of the US dollar at some future point.

Michael Saylor says $10M per $BTC is "the endgame." That's a 130x from here. At $10M per coin, $BTC's total supply is worth roughly $210T. Global GDP is around $110T. Saylor's endgame puts Bitcoin at roughly twice what the entire world produces in a year.

$CAR insane setup: Selling the 500C/800C vertical spread (weeklies) to fade the overextended squeeze and capture IV crush. I didn't take the trade, but you could have!

Amount of USDT seized from Iran: $344M Amount of bitcoin seized from Iran: 0

$CAR IV sitting @ 218%. if structured correctly vertical call credit spreads could payoff nicely in the coming days/weeks.

@ChristianHeiens @romulus2095 It’s going up forever Laura (M2, debt as % of GDP, Bitcoin/USD exchange rate)

@romulus2095 We don’t. Nothing stops this train.

Since Trump took office, over 352,000 Federal employees have been fired, resigned, or retired and were not replaced. The Federal workforce is smaller today than at any point since 1966.

@MacroTides @EliNagar @grok estimate number of lightning transactions made per day

@EliNagar What a joke. Now compare number of transactions.

Sure, bitcoin is dead. Over 731,000 BTC (~$51.9 billion) moved across 572,454 transactions in 144 blocks, settled in 24 hours. For context, Visa processes ~$41B/day.

@RonSwanonson What is the bitcoin day payment? Did they advertise it?

I went back to Cajon Pass Deli to pay with Bitcoin on CashApp⚡️and collect the bounty CashApp gave me: - $5 in BTC for buying Bitcoin in the app - $25 in BTC for being the first to use the Square terminal at the deli - $25 for spending $1 or more at any Square terminal (4/6 thru 4/10) So, $55 in free Bitcoin for doing nothing @CashApp and @Square are crushing Bitcoin adoption… Go out and collect your free $25 in BTC!

The 10 steps of becoming a Bitcoiner: 1. Buy $200 worth because “it might be a good hedge.” 2. Watch it go up 11%, immediately develop a messiah complex, and start calculating what your portfolio will be worth when Bitcoin hits $13 million by Christmas. 3. Watch it drop 22% in two days, stare at the wall in total silence, and tell yourself you’re “thinking in four-year time horizons” while your stomach is falling through your ass. 4. Start pirating Austrian economics PDFs to read while you eat your Scooby Doo Kraft Mac & Cheese. 5. Begin saying phrases like “sound money,” “Cantillon effects,” and “monetary premium” to people who were simply trying to enjoy a burger in peace. You are totally not autistic AT ALL by this point. 6. Realize every purchase now has a shadow price in sats. That burrito isn’t $14.
That’s 11,000 sats, you absolute animal. 7. Develop a completely normal habit of checking the Bitcoin price at 3:17 AM with one eye open like a divorced Civil War general waiting for updates from the front. 8. Become physically incapable of hearing the phrase “diversified portfolio” without smirking like a schizophrenic medieval peasant who buried the king’s gold under his floorboards. 9. Lose the ability to talk to normies entirely because they’re excited about a 4.3% savings account while you’re internally screaming that the money is made of theatrical fog and central bank dementia. 10. Arrive at the final form: calm, dead-eyed, spiritually detached from the matrix, and weirdly comfortable knowing that everyone will call you insane right up until the exact moment they call you lucky. That’s the Bitcoiner journey.

@RonSwanonson @jack @Square Sending my pops there today. He’s excited to finally be able to spend irl

Officially got Bitcoin payments turned on for thecajonpassdeli.com in San Diego using @Square My favorite part was; “Why would I want to convert it to USD? I want to keep it as Bitcoin” Adoption happening in real time…

🚨 BREAKING: Google DeepMind just mapped the attack surface that nobody in AI is talking about. Websites can already detect when an AI agent visits and serve it completely different content than humans see. > Hidden instructions in HTML. > Malicious commands in image pixels. > Jailbreaks embedded in PDFs. Your AI agent is being manipulated right now and you can't see it happening. The study is the largest empirical measurement of AI manipulation ever conducted. 502 real participants across 8 countries. 23 different attack types. Frontier models including GPT-4o, Claude, and Gemini. The core finding is not that manipulation is theoretically possible it is that manipulation is already happening at scale and the defenses that exist today fail in ways that are both predictable and invisible to the humans who deployed the agents. Google DeepMind built a taxonomy of every known attack vector, tested them systematically, and measured exactly how often they work. The results should alarm everyone building agentic systems. The attack surface is larger than anyone has publicly acknowledged. Prompt injection where malicious instructions hidden in web content hijack an agent's behavior works through at least a dozen distinct channels. Text hidden in HTML comments that humans never see but agents read and follow. Instructions embedded in image metadata. Commands encoded in the pixels of images using steganography, invisible to human eyes but readable by vision-capable models. Malicious content in PDFs that appears as normal document text to the agent but contains override instructions. QR codes that redirect agents to attacker-controlled content. Indirect injection through search results, calendar invites, email bodies, and API responses any data source the agent consumes becomes a potential attack vector. The detection asymmetry is the finding that closes the escape hatch. Websites can already fingerprint AI agents with high reliability using timing analysis, behavioral patterns, and user-agent strings. This means the attack can be conditional: serve normal content to humans, serve manipulated content to agents. A user who asks their AI agent to book a flight, research a product, or summarize a document has no way to verify that the content the agent received matches what a human would see. The agent cannot tell the user it was served different content. It does not know. It processes whatever it receives and acts accordingly. The attack categories and what they enable: → Direct prompt injection: malicious instructions in any text the agent reads overrides goals, exfiltrates data, triggers unintended actions → Indirect injection via web content: hidden HTML, CSS visibility tricks, white text on white backgrounds invisible to humans, consumed by agents → Multimodal injection: commands in image pixels via steganography, instructions in image alt-text and metadata → Document injection: PDF content, spreadsheet cells, presentation speaker notes every file format is a potential vector → Environment manipulation: fake UI elements rendered only for agent vision models, misleading CAPTCHA-style challenges → Jailbreak embedding: safety bypass instructions hidden inside otherwise legitimate-looking content → Memory poisoning: injecting false information into agent memory systems that persists across sessions → Goal hijacking: gradual instruction drift across multiple interactions that redirects agent objectives without triggering safety filters → Exfiltration attacks: agents tricked into sending user data to attacker-controlled endpoints via legitimate-looking API calls → Cross-agent injection: compromised agents injecting malicious instructions into other agents in multi-agent pipelines The defense landscape is the most sobering part of the report. Input sanitization cleaning content before the agent processes it fails because the attack surface is too large and too varied. You cannot sanitize image pixels. You cannot reliably detect steganographic content at inference time. Prompt-level defenses that tell agents to ignore suspicious instructions fail because the injected content is designed to look legitimate. Sandboxing reduces the blast radius but does not prevent the injection itself. Human oversight the most commonly cited mitigation fails at the scale and speed at which agentic systems operate. A user who deploys an agent to browse 50 websites and summarize findings cannot review every page the agent visited for hidden instructions. The multi-agent cascade risk is where this becomes a systemic problem. In a pipeline where Agent A retrieves web content, Agent B processes it, and Agent C executes actions, a successful injection into Agent A's data feed propagates through the entire system. Agent B has no reason to distrust content that came from Agent A. Agent C has no reason to distrust instructions that came from Agent B. The injected command travels through the pipeline with the same trust level as legitimate instructions. Google DeepMind documents this explicitly: the attack does not need to compromise the model. It needs to compromise the data the model consumes. Every agentic system that reads external content is one carefully crafted webpage away from executing attacker instructions. The agents are already deployed. The attack infrastructure is already being built. The defenses are not ready.

🤔 👀

Remember to zip your folders before trying to transfer to another machine over Tailscale.

If you have enough patience (& burner gmail accounts) you can vibe code anything for free.

NEW: Coinbase and Fannie Mae partner with Better Home & Finance to launch Bitcoin-backed mortgages for U.S. homebuyers. Borrowers can pledge Bitcoin or USD Coin as collateral for down payments, allowing them to keep their assets and avoid triggering taxable sales. The loans are structured as conforming mortgages backed by Fannie Mae, meaning they follow standard underwriting rules and carry the same protections as traditional home loans. The product targets everyday buyers locked out by down payment constraints. Better says 41% of U.S. families can’t purchase homes due to lack of liquid cash, despite holding savings in other assets. Rising interest rates and high home prices have tightened affordability. A buyer targeting a $400K home may struggle to source $40K in cash without selling assets and navigating tax and legal friction. Coinbase says the offering brings crypto into mainstream housing finance, calling it “as American as apple pie.”